Ok, I'm exploring the idea of an all Linux network. So I'll set up a situation, and I'm just looking for suggestions as to what I need to read and study if I were to implement this. This is all hypothetical, I'm just wanting to learn. And yes, I did a search of the forums and didn't find anything along these lines.

All of the clients on this network would be of the same type, to avoid the amount of work needed to maintain separate distributions. Let's just assume they're all Fedora. This is a private network, with no access to the outside world. I would want some kind of a repository to host software I want to make available to the clients. This would also require me to research dependencies of each piece of software I make available and also store that on this repository. My first question is, how do you set up a repository, is it just a public FTP/HTTP/NFS server that hosts files publicly? I understand running my own repository would allow me to manage the software made available (removing default repos on initial install of the client OS and adding only mine) to my users, and manage updates as well.

Now in order to avoid memorizing IP addresses, a DNS server would also be necessary, also running either Fedora or Redhat, so that the software packages available on the repository would still apply. What kind of software packages exist to run a reliable and easy to maintain DNS server in a Linux environment?

The end-user would only use their client machines for office work such as text documents, slideshows, email, and video conferencing.

For deploying the client machines operating systems, I could set up one computer, complete with a default set of software and configurations, and make an image of this computer to deploy to the client machines. What imaging software is friendly toward *nix partitions? I've heard Symantec Ghost isn't the best for non-Windows platforms. Also, what issues might I run into while deploying an image like this? In Windows I know you have to change the hostname or you get a little message constantly telling you that there is another machine on the network with the same name, and it sometimes causes communcation errors.

Now let's say I want to manage the client machines remotely, as well as user accounts. Something like Active Directory. Is there software for Linux servers that allow for hosting domains to allow for network logins, and the remote management of the user accounts? I would assume so since I've seen a lot of distributions with the option for "Network Logon". Also, would it be possible to have the repository verify access using the network username/password and deny access to eroneous users?

A shared resources server I understand would be fairly easy to set up, sharing folders and printers in Linux is pretty easy to do, and I like the CUPS web interface for managing printers remotely.

Any suggestions and answers are greatly appreciated. Just think, if you were charged with setting up a corporate network and you were only authorized the use of Linux operating systems, what would you do?

dudeman41456

Personally I would use Debian because I use it. That said, I am not sure that you would need a local repository unless you were custom compiling a lot of software. With the permissions in linux you can just lock your normal users out of the ability to install or compile software. So unless there is a reason to want to limit the sys admins use of internet bandwidth for security updates I see little need to setup and maintain a local repository.

Besides in my limited experience I seldom have hardware that is all the same. For instance I have 2 laptops with amd64, 2 desktops with 686, one with 586, and one with a 486 kernel and related software. I personally have to many other things to maintain to worry about maintaining a repository too. That said, Debian has some great packages specifically for setting up and maintaining apt-get repositories. I would assume that the people over at Redhat/Fedora have similar for rpm based repositories.

Another option is to point your packaging system to a local repository that holds only your custom software and let the distro take care of the rest. With only the admin being able to install and or update software you should be safe enough, unless you are super paranoid.

As for DNS the standard setup of bind9 in Debian is a caching setup. If you are not going to have a lot of machines coming and going on your setup static ip's may be easier. Then with your hosts file on each machine you have all the name resolution you need.

For partitioning look into 'parted' it has a couple of frontend like gparted and qtparted, there may be others. I like the QTParted live cd for my partition manipulation. It also has the dd command that will make an image of just about anything.

SSH is the way to go for logging into remote machines. With it I am able to login to one of my machines and run their apps from where I am without having to run the whole gui remotely. Of corse if you want to run the whole gui remotely look into a vncserver. Another good remote admin tool is webmin.

Samba is the way to go for file sharing if you are planing on having access to windows type shares. If not then nfs may be better. I had samba working at one time but some update along the way broke it and I haven't taken the time to fix it yet.

One thing you didn't mention is a linux firewall. That is where I have started. I am on the third generation now and am trying to lock this one down much better than the firs two. There are a couple of quick and easy methods, firestarter and floppyfw come to mind.

If you have an existing network you might build a quick linux nat/firewall and put it on the existing network and setup a testing network to do the rest of your development on. There is nothing like setting up a machine, better yet many machines to learn what needs to be done and if something break it is not that big a deal. If it ain't broke tweak it, you can always reinstall.

All of the above is from memory and mine is somewhat defective. So there is probably incorrect info. Perhaps someone that knows better than me can correct it. Thanks.

Hope that helps.